From ec6991f98b75d45a9b5905f2cdaa8edc5ab6f3fc Mon Sep 17 00:00:00 2001
From: ShirkNeko <109797057+ShirkNeko@users.noreply.github.com>
Date: Fri, 15 Aug 2025 11:00:34 +0800
Subject: [PATCH] kernel: refactor apply_kernelsu_rules to use mutex for synchronization
---
 kernel/selinux/rules.c | 11 ++++++++---
 kernel/sucompat.c | 6 +++++-
 2 files changed, 13 insertions(+), 4 deletions(-)
diff --git a/kernel/selinux/rules.c b/kernel/selinux/rules.c
index 716627e4..94599792 100644
--- a/kernel/selinux/rules.c
+++ b/kernel/selinux/rules.c
@@ -24,14 +24,19 @@ static struct policydb *get_policydb(void)
 return db;
 }
+static DEFINE_MUTEX(ksu_rules);
+
 void apply_kernelsu_rules()
 {
+ struct policydb *db;
+
 if (!getenforce()) {
 pr_info("SELinux permissive or disabled, apply rules!\n");
 }
- rcu_read_lock();
- struct policydb *db = get_policydb();
+ mutex_lock(&ksu_rules);
+
+ db = get_policydb();
 ksu_permissive(db, KERNEL_SU_DOMAIN);
 ksu_typeattribute(db, KERNEL_SU_DOMAIN, "mlstrustedsubject");
@@ -125,7 +130,7 @@ void apply_kernelsu_rules()
 // https://android-review.googlesource.com/c/platform/system/logging/+/3725346
 ksu_dontaudit(db, ALL, KERNEL_SU_DOMAIN, "dir", "getattr");
- rcu_read_unlock();
+ mutex_unlock(&ksu_rules);
 }
 #define MAX_SEPOL_LEN 128
diff --git a/kernel/sucompat.c b/kernel/sucompat.c
index 57e0d151..122ab5af 100644
--- a/kernel/sucompat.c
+++ b/kernel/sucompat.c
@@ -267,9 +267,13 @@ static int execve_handler_pre(struct kprobe *p, struct pt_regs *regs)
 static struct kprobe *su_kps[4];
 static int pts_unix98_lookup_pre(struct kprobe *p, struct pt_regs *regs)
 {
- struct inode *inode;)
+ struct inode *inode;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 6, 0)
 struct file *file = (struct file *)PT_REGS_PARM2(regs);
 inode = file->f_path.dentry->d_inode;
+#else
+ inode = (struct inode *)PT_REGS_PARM2(regs);
+#endif
 return ksu_inline_handle_devpts(inode);
 }
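Review bot: The new `ksu_rules` mutex in kernel/selinux/rules.c only serializes callers of apply_kernelsu_rules() against each other. It is private to this file, so it cannot exclude a concurrent SELinux policy reload or readers of the live policy, and with the `rcu_read_lock()` pair removed nothing visible in the hunk keeps the pointer returned by `get_policydb()` valid while the rules are edited. Because the body marks KERNEL_SU_DOMAIN permissive and adds it to `mlstrustedsubject`, the locking contract should be stated above the definition, for example `/* Serializes KernelSU edits of the live policydb; does not exclude policy reload or AVC readers. */`. Any other policydb writer in rules.c (outside these hunks) should presumably take the same lock. The function body continues past this hunk to the matching `mutex_unlock()` in the -125/+130 hunk, so an early return added in between would leave the mutex held.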
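Review bot: In pts_unix98_lookup_pre() (kernel/sucompat.c) the value from `PT_REGS_PARM2(regs)` is either dereferenced as `file->f_path.dentry->d_inode` or passed on as an inode with no validation, and which of the two happens depends solely on the `KERNEL_VERSION(4, 6, 0)` cutoff. If a vendor tree's signature for the probed function does not match that cutoff, the handler would treat one structure as the other inside a kprobe, which is likely to end in a bad kernel dereference. The cutoff should be confirmed against every supported kernel and recorded next to the guard, for example `/* 2nd arg of the probed function: struct file * on >= 4.6, struct inode * before */`. A guard such as `if (!file) return 0;` before the dereference would make the newer branch fail safe.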